package cafebabe;

import android.content.Context;
import android.net.http.SslError;
import android.webkit.SslErrorHandler;
import com.huawei.smarthome.common.lib.constants.IotHostManager;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.X509TrustManager;
import okhttp3.OkHttpClient;

/* compiled from: CertificateUtil.java */
/* loaded from: classes20.dex */
public class q01 {

    /* renamed from: a, reason: collision with root package name */
    public static final String f8697a = "q01";
    public static final X509TrustManager c;
    public static final HostnameVerifier e;
    public static OkHttpClient.Builder g;
    public static final Object b = new Object();
    public static final SSLSocketFactory d = f();
    public static volatile X509TrustManager f = null;

    /* compiled from: CertificateUtil.java */
    /* loaded from: classes20.dex */
    public class a implements pdb {

        /* renamed from: a, reason: collision with root package name */
        public final /* synthetic */ SslErrorHandler f8698a;
        public final /* synthetic */ t01 b;

        public a(SslErrorHandler sslErrorHandler, t01 t01Var) {
            this.f8698a = sslErrorHandler;
            this.b = t01Var;
        }

        @Override // cafebabe.pdb
        public void a(Context context, String str) {
            cz5.j(true, q01.f8697a, "verify failed add callback");
            this.f8698a.cancel();
            this.b.onVerifyFailed();
        }

        @Override // cafebabe.pdb
        public void b(Context context, String str) {
            String unused = q01.f8697a;
            q01.c(this.f8698a);
        }
    }

    /* compiled from: CertificateUtil.java */
    /* loaded from: classes20.dex */
    public static class b implements HostnameVerifier {
        public b() {
        }

        public /* synthetic */ b(a aVar) {
            this();
        }

        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            if (IotHostManager.getInstance().isCommercialCloud()) {
                cz5.t(true, q01.f8697a, "commercial version, trust all host name forbidden");
                return false;
            }
            String unused = q01.f8697a;
            return true;
        }
    }

    /* compiled from: CertificateUtil.java */
    /* loaded from: classes20.dex */
    public static class c implements X509TrustManager {
        public c() {
        }

        public /* synthetic */ c(a aVar) {
            this();
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            if (IotHostManager.getInstance().isCommercialCloud()) {
                cz5.j(true, q01.f8697a, "commercial version, trust all server forbidden");
                throw new CertificateException("CertificateUtil checkServerTrusted error");
            }
            String unused = q01.f8697a;
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }

    static {
        a aVar = null;
        c = new c(aVar);
        e = new b(aVar);
        e();
    }

    public static void c(SslErrorHandler sslErrorHandler) {
        if (sslErrorHandler != null) {
            cz5.m(true, f8697a, "handler.proceed()");
            sslErrorHandler.proceed();
        }
    }

    public static X509TrustManager d() {
        try {
            return nd9.a(kh0.getAppContext());
        } catch (IOException unused) {
            cz5.j(true, f8697a, "init aegisTrustManager IO exception");
            return null;
        } catch (KeyStoreException unused2) {
            cz5.j(true, f8697a, "key store fail");
            return null;
        } catch (NoSuchAlgorithmException unused3) {
            cz5.j(true, f8697a, "no such algorithm");
            return null;
        } catch (CertificateException unused4) {
            cz5.j(true, f8697a, "certificate init fail");
            return null;
        }
    }

    public static void e() {
        OkHttpClient.Builder builder = new OkHttpClient.Builder();
        g = builder;
        builder.dispatcher(t67.a("CertificateUtil OkHttp Dispatcher"));
        g.sslSocketFactory(getSslSocketFactory(), getX509TrustManager());
        g.hostnameVerifier(getHostnameVerifier());
    }

    /* JADX WARN: Removed duplicated region for block: B:11:? A[RETURN, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:8:0x0025  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static javax.net.ssl.SSLSocketFactory f() {
        /*
            r0 = 0
            r1 = 1
            r2 = 0
            java.lang.String r3 = "TLSv1.2"
            javax.net.ssl.SSLContext r3 = javax.net.ssl.SSLContext.getInstance(r3)     // Catch: java.lang.Throwable -> L17
            javax.net.ssl.TrustManager[] r4 = new javax.net.ssl.TrustManager[r1]     // Catch: java.lang.Throwable -> L18
            javax.net.ssl.X509TrustManager r5 = cafebabe.q01.c     // Catch: java.lang.Throwable -> L18
            r4[r0] = r5     // Catch: java.lang.Throwable -> L18
            java.security.SecureRandom r5 = cafebabe.id9.getSecureRandom()     // Catch: java.lang.Throwable -> L18
            r3.init(r2, r4, r5)     // Catch: java.lang.Throwable -> L18
            goto L23
        L17:
            r3 = r2
        L18:
            java.lang.String r4 = cafebabe.q01.f8697a
            java.lang.Object[] r5 = new java.lang.Object[r1]
            java.lang.String r6 = "sslContext init error"
            r5[r0] = r6
            cafebabe.cz5.j(r1, r4, r5)
        L23:
            if (r3 == 0) goto L29
            javax.net.ssl.SSLSocketFactory r2 = r3.getSocketFactory()
        L29:
            return r2
        */
        throw new UnsupportedOperationException("Method not decompiled: cafebabe.q01.f():javax.net.ssl.SSLSocketFactory");
    }

    public static boolean g() {
        return (IotHostManager.getInstance().isCommercialCloud() || IotHostManager.getInstance().getHostIndex() == 3) ? false : true;
    }

    public static HostnameVerifier getHostnameVerifier() {
        return g() ? e : jd9.STRICT_HOSTNAME_VERIFIER;
    }

    public static SSLSocketFactory getSslSocketFactory() {
        if (g()) {
            return d;
        }
        try {
            return jd9.getInstance(kh0.getAppContext());
        } catch (IOException unused) {
            cz5.j(true, f8697a, "get sslSocket factory io fail");
            return null;
        } catch (IllegalAccessException unused2) {
            cz5.j(true, f8697a, "illegal access exception");
            return null;
        } catch (KeyManagementException unused3) {
            cz5.j(true, f8697a, "key management exception");
            return null;
        } catch (KeyStoreException unused4) {
            cz5.j(true, f8697a, "key store fail");
            return null;
        } catch (NoSuchAlgorithmException unused5) {
            cz5.j(true, f8697a, "no such algorithm");
            return null;
        } catch (CertificateException unused6) {
            cz5.j(true, f8697a, "get certificate fail");
            return null;
        }
    }

    public static HostnameVerifier getTrustAllHostnameVerifier() {
        return e;
    }

    public static SSLSocketFactory getTrustAllSslSocketFactory() {
        return d;
    }

    public static X509TrustManager getX509TrustAllManager() {
        return c;
    }

    public static X509TrustManager getX509TrustManager() {
        if (g()) {
            return c;
        }
        if (f != null) {
            return f;
        }
        synchronized (b) {
            if (f == null) {
                f = d();
            }
        }
        return f;
    }

    public static void h(SslErrorHandler sslErrorHandler, SslError sslError, Context context) {
        String str = f8697a;
        cz5.m(true, str, "verifyWebViewCertificate start");
        if (sslErrorHandler == null || sslError == null || context == null) {
            cz5.t(true, str, "parameters contain null");
        } else if (!g()) {
            odb.a(sslErrorHandler, sslError, context);
        } else {
            cz5.m(true, str, "isTrustAllCloud()");
            c(sslErrorHandler);
        }
    }

    public static void i(SslErrorHandler sslErrorHandler, SslError sslError, Context context, t01 t01Var) {
        if (t01Var == null) {
            cz5.t(true, f8697a, "callback is null");
            return;
        }
        if (sslErrorHandler == null || sslError == null || context == null) {
            cz5.t(true, f8697a, "parameters contain null");
            t01Var.onVerifyFailed();
        } else if (!g()) {
            odb.b(sslErrorHandler, sslError, null, context, new a(sslErrorHandler, t01Var));
        } else {
            cz5.m(true, f8697a, "cloud is trust AllCloud");
            c(sslErrorHandler);
        }
    }
}
